434c4dbc9eaa476a0a8a67f8a900fe2e_JaffaCakes118 | Triage

Sharing

General

Target

434c4dbc9eaa476a0a8a67f8a900fe2e_JaffaCakes118
Size

360KB
MD5

434c4dbc9eaa476a0a8a67f8a900fe2e
SHA1

696a733a6dca3b54b2884fed8b730d8e26ca182f
SHA256

30aeab7f3b8090aae179cb88ed03bb87fcd5a83f1795e83416178019af6a9d68
SHA512

ecbfe51c19ef2a6eeb4847767e75d64860f4cb0b2b7787dcdbb27cc22caf8ac567479d8f262fc0567bbbc9760454f8d079e5adc5e6b819539a57eaba71ffad71
SSDEEP

6144:UIrzdx/pWtNaN8h8pMq93aW8du7DV9X44lRM91hH/0xe/6071kyn17r9vlH:UIn9wav993aP+Vnlq/F08ila55dH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
434c4dbc9eaa476a0a8a67f8a900fe2e_JaffaCakes118

Files

434c4dbc9eaa476a0a8a67f8a900fe2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66fb39e9013ad3e3e7a293ca50787b1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetCurrentThreadId
GetModuleFileNameA
InterlockedExchange
IsDebuggerPresent
GetFileAttributesW
GetCurrentProcess
LoadResource
InitializeCriticalSection
GetLastError
ExitProcess
VirtualAlloc
GetStartupInfoA
GetModuleHandleA

user32

GetSubMenu
InvalidateRect
GetWindowRect
UpdateWindow
ReleaseCapture
GetDesktopWindow
TranslateMessage
EnableMenuItem
DestroyWindow
SetWindowTextA

msvcrt

_controlfp
_except_handler3
__set_app_type
_strcmpi
__p__fmode
__p__commode
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ